CLAIMS 

We claim : 

1. A method implemented in a firewall for 
communicating information between programs employing 
different protocols, comprising communicating information 
between the programs by protocol translating the information 
between the different protocols, 

2. The method according to claim 1, wherein one 
of the programs is in front of the firewall employing a 
stateless application level protocol, and another of the 
programs is behind the firewall employing a persistent 
application level protocol. 

3. The method according to claim 2, further 
comprising establishing a persistent connection with the 
program behind the firewall before communicating information 
between the programs. 

4. The method according to claim 3, further 
comprising communicating with the program in front of the 
firewall over the Internet, and communicating with the 
program behind the firewall over a local area network. 

5. The method according to claim 4, wherein the 
program in front of the firewall resides on a client server. 

6. The method according to claim 4, wherein the 
program behind the firewall resides on a web server 
protected by the firewall. 
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7. 



A method implemented in a firewall for 



communicating information between a first program employing 
a first application level protocol in front of the firewall, 
and a second program employing a persistent application 
level protocol behind the firewall, comprising: 

establishing a persistent connection with the 
second program; and 

communicating information between the first 
program and the second program by protocol translating the 
information between the first application level protocol and 
the persistent application level protocol. 

8. The method according to claim 7, wherein the 
first application level protocol is a stateless application 
level protocol. 

9. The method according to claim 8, wherein the 
stateless application level protocol is hypertext transfer 
protocol . 

10. The method according to claim 7, wherein the 
persistent application level protocol is remote frame buffer 
protocol . 

11. The method according to claim 7, wherein the 
establishing a persistent connection comprises opening a 
socket with the second program, and maintaining the socket 
open until communication between the first program and the 
second program terminates. 

12. The method according to claim 7, further 
comprising receiving a request for information over the 
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Internet from the first program directed to the second 
program, before establishing the persistent connection with 
the second program. 

13. The method according to claim 7 , further 
comprising receiving a request for information from the 
second program directed to the first program, after 
establishing the persistent connection with the second 
program. 

14. An apparatus in a firewall for communicating 
information between a first program employing a first 
application level protocol in front of the firewall, and a 
second program employing a persistent application level 
protocol behind the firewall, comprising a bastion host 
having a protocol proxy for establishing a persistent 
connection between the protocol proxy and the second 
program, and communicating information between the first 
program and the second program by protocol translating the 
information between the first application level protocol and 
the persistent application level protocol. 

15. The apparatus according to claim 14, wherein 
the first application level protocol is a stateless 
application level protocol. 

16. The apparatus according to claim 15, wherein 
the stateless application level protocol is hypertext 
transfer protocol. 

17. The apparatus according to claim 14, wherein 
the persistent application level protocol is remote frame 
buffer protocol. 
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18. The apparatus according to claim 14, wherein 
the establishing a persistent connection comprises opening a 
socket with the second program, and maintaining the socket 
open until communication between the first program and the 
second program terminates. 

19. The apparatus according to claim 14, wherein 
said bastion host further includes a packet filter, and said 
protocol proxy is further for cooperating with the packet 
filter to receive a request for information over the 
Internet from the first program directed to the second 
program, before establishing the persistent connection with 
the second program. 

20. The apparatus according to claim 14, wherein 
said protocol proxy is further for receiving a request for 
information from the second program directed to* the first 
program, after establishing the persistent connection with 
the second program. 
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